Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/KqhZxTNle66xcuEprqVZVHGsHdo.roa
File: KqhZxTNle66xcuEprqVZVHGsHdo.roa (raw, json)
Hash identifier: RX1y0g12rLOcEQZSzn1VlHG/6+aX6IbWbhMslOxZRVI=
Subject key identifier: 2A:A8:59:C5:33:65:7B:AE:B1:72:E1:29:AE:A5:59:54:71:AC:1D:DA
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018DF412CAF0B5F5850072B7227FF7305F03
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/KqhZxTNle66xcuEprqVZVHGsHdo.roa
Signing time: Thu 29 Feb 2024 08:54:48 +0000
ROA not before: Thu 29 Feb 2024 08:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43350
IP address blocks: 45.67.120.0/22 maxlen: 22
45.148.152.0/22 maxlen: 22
217.114.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 08 Mar 2024 15:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:12:ca:f0:b5:f5:85:00:72:b7:22:7f:f7:30:5f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Feb 29 08:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aa859c533657baeb172e129aea5595471ac1dda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c4:98:9e:79:06:a9:3a:1d:b2:c9:84:87:c2:
ab:f8:c1:26:66:70:69:ef:fc:53:50:9d:6b:6c:99:
9b:2f:f3:0c:d7:e2:ff:73:7b:cd:08:85:5b:05:7a:
a4:65:a7:a2:74:68:11:8f:71:f5:8e:b9:24:30:81:
a3:95:e4:59:9b:b0:22:7c:d5:55:78:10:ba:25:25:
12:9c:fb:10:8d:2f:ef:0b:20:c5:f3:10:a4:54:49:
6b:cb:ce:53:f9:18:4d:53:a5:39:08:3c:4c:fc:0c:
d5:6f:b3:d2:1d:2e:c5:e8:47:56:5a:3b:5a:a6:af:
02:cb:5a:37:f9:bb:42:7c:87:1c:78:26:26:af:8a:
b2:fd:02:95:4d:c6:8a:86:d9:30:1e:9d:72:e2:ba:
70:cc:09:05:91:c7:d9:b6:77:a1:28:e8:7d:88:67:
d2:75:2f:43:b9:98:93:bf:7f:d1:97:0c:7c:d3:bc:
70:6a:4d:91:0b:00:cf:fc:59:f1:f9:bf:c8:cd:0f:
6b:15:56:c4:fa:55:36:fb:43:ad:f1:90:36:72:32:
7c:bb:44:ae:aa:16:1c:8a:9e:e1:4e:8e:ea:10:01:
62:bd:d3:fc:8a:43:68:4b:4e:a0:bb:3e:80:c5:5e:
d4:7b:31:e4:4b:bb:4f:8a:ee:c1:bb:05:fa:83:40:
f6:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A8:59:C5:33:65:7B:AE:B1:72:E1:29:AE:A5:59:54:71:AC:1D:DA
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/KqhZxTNle66xcuEprqVZVHGsHdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.120.0/22
45.148.152.0/22
217.114.41.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:a0:c8:8a:e9:71:32:7c:8f:9a:7f:f7:5f:8d:02:69:e5:25:
b8:d9:af:7e:e2:fb:84:1b:9c:20:6d:46:77:4f:29:68:b2:13:
dc:89:ab:58:c3:20:23:72:f1:86:36:26:0a:d2:fb:6b:f7:af:
6f:e2:3e:45:3c:f1:a7:b7:64:c9:b9:bd:36:8a:23:b8:b4:75:
79:7d:48:73:7a:96:f6:12:44:9a:2e:1a:00:cc:f6:77:30:3d:
f5:d7:38:7a:4f:c4:e7:be:c6:43:d9:8c:73:3a:e1:12:6e:be:
c1:65:1a:f3:be:8a:bf:9b:a4:93:9e:1b:51:1d:c2:ee:56:ec:
4f:f2:1f:12:1f:3c:c3:5e:79:9e:fe:54:df:7b:77:b2:ae:91:
6b:09:06:83:ec:cf:2d:af:e7:0c:d3:3f:f0:9c:7d:6e:b9:7a:
ab:89:cd:3e:1a:b0:72:ab:ad:be:40:a3:06:a5:d0:c2:23:dc:
e4:e2:da:54:08:cc:00:cc:cc:7e:60:27:05:44:29:14:91:af:
8f:5b:bb:b3:34:db:42:07:83:91:86:68:15:09:33:5a:f4:c0:
75:ff:6e:bd:68:4d:38:01:ea:31:d8:fe:ae:3c:16:17:49:46:
52:55:53:ae:48:5b:fb:dc:f6:7f:4d:d3:38:cd:f6:59:3d:42:
a9:7d:10:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY30EsrwtfWFAHK3In/3MF8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMjI5MDg1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWE4NTljNTMzNjU3YmFlYjE3MmUxMjlhZWE1NTk1NDcxYWMxZGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsSYnnkGqTodssmEh8Kr+MEmZnBp
7/xTUJ1rbJmbL/MM1+L/c3vNCIVbBXqkZaeidGgRj3H1jrkkMIGjleRZm7AifNVV
eBC6JSUSnPsQjS/vCyDF8xCkVElry85T+RhNU6U5CDxM/AzVb7PSHS7F6EdWWjta
pq8Cy1o3+btCfIcceCYmr4qy/QKVTcaKhtkwHp1y4rpwzAkFkcfZtnehKOh9iGfS
dS9DuZiTv3/Rlwx807xwak2RCwDP/Fnx+b/IzQ9rFVbE+lU2+0Ot8ZA2cjJ8u0Su
qhYcip7hTo7qEAFivdP8ikNoS06guz6AxV7UezHkS7tPiu7BuwX6g0D2ZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCqoWcUzZXuusXLhKa6lWVRxrB3aMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvS3FoWnhUTmxlNjZ4Y3VFcHJxVlpWSEdzSGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLUN4AwQC
LZSYAwQA2XIpMA0GCSqGSIb3DQEBCwUAA4IBAQCeoMiK6XEyfI+af/dfjQJp5SW4
2a9+4vuEG5wgbUZ3TyloshPciatYwyAjcvGGNiYK0vtr969v4j5FPPGnt2TJub02
iiO4tHV5fUhzepb2EkSaLhoAzPZ3MD311zh6T8TnvsZD2YxzOuESbr7BZRrzvoq/
m6STnhtRHcLuVuxP8h8SHzzDXnme/lTfe3eyrpFrCQaD7M8tr+cM0z/wnH1uuXqr
ic0+GrByq62+QKMGpdDCI9zk4tpUCMwAzMx+YCcFRCkUka+PW7uzNNtCB4ORhmgV
CTNa9MB1/269aE04Aeox2P6uPBYXSUZSVVOuSFv73PZ/TdM4zfZZPUKpfRAZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:22 2024 by rpki-client on console-fra.rpki-client.org